diff --git a/src/System Application/App/AI/src/Copilot/CopilotCapabilitiesGA.Page.al b/src/System Application/App/AI/src/Copilot/CopilotCapabilitiesGA.Page.al index 3cb736b912..9fba0968a2 100644 --- a/src/System Application/App/AI/src/Copilot/CopilotCapabilitiesGA.Page.al +++ b/src/System Application/App/AI/src/Copilot/CopilotCapabilitiesGA.Page.al @@ -93,6 +93,7 @@ page 7774 "Copilot Capabilities GA" Rec.Modify(true); CopilotCapabilityImpl.SendActivateTelemetry(Rec.Capability, Rec."App Id"); + Session.LogAuditMessage(StrSubstNo(CopilotFeatureActivatedLbl, Rec.Capability, Rec."App Id", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; } action(Deactivate) @@ -114,6 +115,7 @@ page 7774 "Copilot Capabilities GA" Rec.Modify(true); CopilotCapabilityImpl.SendDeactivateTelemetry(Rec.Capability, Rec."App Id", CopilotDeactivate.GetReason()); + Session.LogAuditMessage(StrSubstNo(CopilotFeatureDeactivatedLbl, Rec.Capability, Rec."App Id", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; end; } @@ -162,6 +164,8 @@ page 7774 "Copilot Capabilities GA" CapabilityEnabled: Boolean; DataMovementEnabled: Boolean; SupplementalTermsLinkTxt: Label 'https://go.microsoft.com/fwlink/?linkid=2236010', Locked = true; + CopilotFeatureDeactivatedLbl: Label 'The copilot/AI capability %1, App Id %2 has been deactivated by the UserSecurityId %3.', Locked = true; + CopilotFeatureActivatedLbl: Label 'The copilot/AI capability %1, App Id %2 has been activated by the UserSecurityId %3.', Locked = true; internal procedure SetDataMovement(Value: Boolean) begin diff --git a/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfiguration.Table.al b/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfiguration.Table.al index 15f35d3cc2..0a438eb47f 100644 --- a/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfiguration.Table.al +++ b/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfiguration.Table.al @@ -54,4 +54,24 @@ table 9017 "Plan Configuration" Unique = true; } } + trigger OnDelete() + begin + Session.LogAuditMessage(StrSubstNo(PlanConfigurationDeletedLbl, Rec.Id, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::EntitlementManagement, 2, 0); + end; + + trigger OnInsert() + begin + Session.LogAuditMessage(StrSubstNo(PlanConfigurationCreatedLbl, Rec.Id, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::EntitlementManagement, 2, 0); + end; + + trigger OnModify() + begin + Session.LogAuditMessage(StrSubstNo(PlanConfigurationModifiedLbl, Rec.Id, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::EntitlementManagement, 2, 0); + end; + + var + PlanConfigurationDeletedLbl: Label 'The license configuration ID %1, has been deleted by the UserSecurityId %2.', Locked = true; + PlanConfigurationModifiedLbl: Label 'The license configuration ID %1, has been modified by the UserSecurityId %2.', Locked = true; + PlanConfigurationCreatedLbl: Label 'The license configuration ID %1, has been created by the UserSecurityId %2.', Locked = true; + } \ No newline at end of file diff --git a/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfigurationCard.Page.al b/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfigurationCard.Page.al index c9cb15ff7b..c968c916df 100644 --- a/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfigurationCard.Page.al +++ b/src/System Application/App/Azure AD Plan/src/Plan Configuration/PlanConfigurationCard.Page.al @@ -47,6 +47,13 @@ page 9069 "Plan Configuration Card" Importance = Promoted; Caption = 'Customize permissions'; ToolTip = 'Specifies whether the default permissions are customized.'; + + trigger OnValidate() + begin + if Rec.Customized then + Session.LogAuditMessage(StrSubstNo(PlanConfigurationCustomizedLbl, Rec.Id, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); + + end; } } } @@ -122,6 +129,7 @@ page 9069 "Plan Configuration Card" var IsSaaS: Boolean; + PlanConfigurationCustomizedLbl: Label 'The Plan configuration %1, has been customized by the UserSecurityId %2.', Locked = true; trigger OnAfterGetCurrRecord() var diff --git a/src/System Application/App/Azure AD User Management/src/User sync/AzureADUserUpdateWizard.Page.al b/src/System Application/App/Azure AD User Management/src/User sync/AzureADUserUpdateWizard.Page.al index cdebcc9c9a..e12adcedb9 100644 --- a/src/System Application/App/Azure AD User Management/src/User sync/AzureADUserUpdateWizard.Page.al +++ b/src/System Application/App/Azure AD User Management/src/User sync/AzureADUserUpdateWizard.Page.al @@ -289,6 +289,7 @@ page 9515 "Azure AD User Update Wizard" AzureADUserSyncImpl: Codeunit "Azure AD User Sync Impl."; GuidedExperience: Codeunit "Guided Experience"; SuccessCount: Integer; + UpdateUsersfromMicrosoft365RunLbl: Label 'Update users from Microsoft 365 wizard has been run by the UserSecurityId %1.', Locked = true; begin Rec.Reset(); SuccessCount := AzureADUserSyncImpl.ApplyUpdatesFromAzureGraph(Rec); @@ -296,6 +297,7 @@ page 9515 "Azure AD User Update Wizard" Rec.DeleteAll(); GuidedExperience.CompleteAssistedSetup(ObjectType::Page, Page::"Azure AD User Update Wizard"); + Session.LogAuditMessage(StrSubstNo(UpdateUsersfromMicrosoft365RunLbl, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); MakeAllGroupsInvisible(); FinishedVisible := true; diff --git a/src/System Application/App/Data Classification/src/DataClassificationMgtImpl.Codeunit.al b/src/System Application/App/Data Classification/src/DataClassificationMgtImpl.Codeunit.al index 70b194d9b0..d3d7fa66d4 100644 --- a/src/System Application/App/Data Classification/src/DataClassificationMgtImpl.Codeunit.al +++ b/src/System Application/App/Data Classification/src/DataClassificationMgtImpl.Codeunit.al @@ -19,6 +19,7 @@ codeunit 1753 "Data Classification Mgt. Impl." var DataSensitivityOptionStringTxt: Label 'Unclassified,Sensitive,Personal,Company Confidential,Normal', Comment = 'It needs to be translated as the field Data Sensitivity on Page 1751 Data Classification WorkSheet and field Data Sensitivity of Table 1180 Data Privacy Entities'; LegalDisclaimerTxt: Label 'Microsoft is providing this Data Classification feature as a matter of convenience only. It''s your responsibility to classify the data appropriately and comply with any laws and regulations that are applicable to you. Microsoft disclaims all responsibility towards any claims related to your classification of the data.'; + DataSensitivitySetLbl: Label 'The Data sensitivity value %1 has been set for Company Name %2, Table No %3, Field No %4 by UserSecurityId %5.', Locked = true; procedure PopulateDataSensitivityTable() var @@ -47,6 +48,8 @@ codeunit 1753 "Data Classification Mgt. Impl." DataSensitivity."Field No" := FieldNo; DataSensitivity."Data Sensitivity" := DataSensitivityOption; DataSensitivity.Insert(); + Session.LogAuditMessage(StrSubstNo(DataSensitivitySetLbl, DataSensitivity."Data Sensitivity", DataSensitivity."Company Name", + DataSensitivity."Table No", DataSensitivity."Field No", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 3, 0); end; end; @@ -63,6 +66,8 @@ codeunit 1753 "Data Classification Mgt. Impl." DataSensitivity."Last Modified By" := UserSecurityId(); DataSensitivity."Last Modified" := Now; DataSensitivity.Modify(); + Session.LogAuditMessage(StrSubstNo(DataSensitivitySetLbl, DataSensitivity."Data Sensitivity", DataSensitivity."Company Name", + DataSensitivity."Table No", DataSensitivity."Field No", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 3, 0); until DataSensitivity.Next() = 0; end; diff --git a/src/System Application/App/Feature Key/src/FeatureManagementImpl.Codeunit.al b/src/System Application/App/Feature Key/src/FeatureManagementImpl.Codeunit.al index a926642324..6467288aa8 100644 --- a/src/System Application/App/Feature Key/src/FeatureManagementImpl.Codeunit.al +++ b/src/System Application/App/Feature Key/src/FeatureManagementImpl.Codeunit.al @@ -85,6 +85,7 @@ codeunit 2610 "Feature Management Impl." var FeatureManagementFacade: Codeunit "Feature Management Facade"; InitializeHandled: Boolean; + FeatureKeyStatusChangedLbl: Label 'The status of the feature key %1 has been set to %2 by UserSecurityId %3.', Locked = true; begin if FeatureDataUpdateStatus.Get(FeatureKey.ID, CompanyName()) then exit; @@ -107,7 +108,8 @@ codeunit 2610 "Feature Management Impl." // If the table extension is not in sync during upgrade then Get() always returns False, // so the following insert will fail if the record does exist. if AllowInsert then - if FeatureDataUpdateStatus.Insert() then; + if FeatureDataUpdateStatus.Insert() then + Session.LogAuditMessage(StrSubstNo(FeatureKeyStatusChangedLbl, FeatureDataUpdateStatus."Feature Key", FeatureDataUpdateStatus."Feature Status", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; /// diff --git a/src/System Application/App/Permission Sets/src/PermissionImpl.Codeunit.al b/src/System Application/App/Permission Sets/src/PermissionImpl.Codeunit.al index afd8b87385..fe0974a13e 100644 --- a/src/System Application/App/Permission Sets/src/PermissionImpl.Codeunit.al +++ b/src/System Application/App/Permission Sets/src/PermissionImpl.Codeunit.al @@ -23,6 +23,8 @@ codeunit 9864 "Permission Impl." IncludeDescriptionOption: Option "Specifies no permission","Specifies direct permission","Specifies indirect permission"; ExcludeOption: Option " ",Exclude,"Reduce to indirect"; ExcludeDescriptionOption: Option "No change to permission","Excludes any permission","Excludes any direct permission"; + PermissionUpdatedLbl: Label 'The tenant %1 permission for the App Id %2, Role %3, ObjectType %4, ObjectId %5 has been updated with the value: "%6", by the UserSecurityId %7.', Locked = true; + MultiplePermissionsUpdatedLbl: Label 'The tenant permissions for the App Id %1, Role %2, ObjectType %3, ObjectId %4 have been updated with the following values - Read "%5", Insert "%6", Modify "%7" and Delete "%8" by the UserSecurityId %9.', Locked = true; procedure SelectPermissions(CurrAppId: Guid; CurrRoleID: Code[20]): Boolean var @@ -97,30 +99,40 @@ codeunit 9864 "Permission Impl." if TenantPermission."Read Permission" <> PermissionOption then begin TenantPermission."Read Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Read Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; 'I': if TenantPermission."Object Type" = TenantPermission."Object Type"::"Table Data" then if TenantPermission."Insert Permission" <> PermissionOption then begin TenantPermission."Insert Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Insert Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; 'M': if TenantPermission."Object Type" = TenantPermission."Object Type"::"Table Data" then if TenantPermission."Modify Permission" <> PermissionOption then begin TenantPermission."Modify Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Modify Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; 'D': if TenantPermission."Object Type" = TenantPermission."Object Type"::"Table Data" then if TenantPermission."Delete Permission" <> PermissionOption then begin TenantPermission."Delete Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Delete Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; 'X': if TenantPermission."Object Type" <> TenantPermission."Object Type"::"Table Data" then if TenantPermission."Execute Permission" <> PermissionOption then begin TenantPermission."Execute Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Execute Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; '*': if TenantPermission."Object Type" = TenantPermission."Object Type"::"Table Data" then begin @@ -134,11 +146,15 @@ codeunit 9864 "Permission Impl." TenantPermission."Modify Permission" := PermissionOption; TenantPermission."Delete Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(MultiplePermissionsUpdatedLbl, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Read Permission", TenantPermission."Insert Permission", TenantPermission."Modify Permission", TenantPermission."Delete Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; end else if TenantPermission."Execute Permission" <> PermissionOption then begin TenantPermission."Execute Permission" := PermissionOption; ModifyPermissionLine := true; + Session.LogAuditMessage(StrSubstNo(PermissionUpdatedLbl, RIMDX, TenantPermission."App ID", TenantPermission."Role ID", TenantPermission."Object Type", TenantPermission."Object ID", + TenantPermission."Execute Permission", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); end; end; if ModifyPermissionLine then diff --git a/src/System Application/App/Permission Sets/src/PermissionSet.Page.al b/src/System Application/App/Permission Sets/src/PermissionSet.Page.al index ce05d3e6dc..adae34a75f 100644 --- a/src/System Application/App/Permission Sets/src/PermissionSet.Page.al +++ b/src/System Application/App/Permission Sets/src/PermissionSet.Page.al @@ -177,6 +177,7 @@ page 9855 "Permission Set" exit; AddLoggedPermissions(TempTablePermissionBuffer); + Session.LogAuditMessage(StrSubstNo(PermissionSetModifiedLbl, Rec."Role ID", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::RoleManagement, 2, 0); CurrPage.MetadataPermissions.Page.Update(false); end; } @@ -277,5 +278,6 @@ page 9855 "Permission Set" CannotManagePermissionsErr: Label 'Only users with the SUPER or the SECURITY permission set can delete permission sets.'; CannotDeletePermissionSetErr: Label 'You can only delete user-created or copied permission sets.'; PermissionSetCaptionTok: Label '%1 (%2)', Locked = true; + PermissionSetModifiedLbl: Label 'The permission set %1 has been modified by the UserSecurityId %2.', Locked = true; PermissionLoggingRunning: Boolean; } \ No newline at end of file diff --git a/src/System Application/App/Permission Sets/src/PermissionSetCopyImpl.Codeunit.al b/src/System Application/App/Permission Sets/src/PermissionSetCopyImpl.Codeunit.al index 03be380c15..93e7d8075a 100644 --- a/src/System Application/App/Permission Sets/src/PermissionSetCopyImpl.Codeunit.al +++ b/src/System Application/App/Permission Sets/src/PermissionSetCopyImpl.Codeunit.al @@ -18,6 +18,9 @@ codeunit 9863 "Permission Set Copy Impl." FeatureTelemetry: Codeunit "Feature Telemetry"; PermissionSetExistsErr: Label 'Permission set already exists.'; ComposablePermissionSetsTok: Label 'Composable Permission Sets', Locked = true; + PermissionsUpdatedLbl: Label 'The tenant permissions for the App Id %1, Role %2, ObjectType %3, ObjectId %4 have been updated with the following values - Read "%5", Insert "%6", Modify "%7", Delete "%8" and Execute "%9" by the UserSecurityId %10.', Locked = true; + PermissionsInsertedLbl: Label 'The tenant permissions for the App Id %1, Role %2, ObjectType %3, ObjectId %4 have been inserted with the following values - Read "%5", Insert "%6", Modify "%7", Delete "%8" and Execute "%9" by the UserSecurityId %10.', Locked = true; + ReadAccessAddedToRelatedTablesLbl: Label 'The Read Permission for the App Id %1, Role %2, ObjectType %3, ObjectId %4 have been granted by the UserSecurityId %5.', Locked = true; procedure CopyPermissionSet(NewRoleId: Code[30]; NewName: Text; SourceRoleId: Code[30]; SourceAppId: Guid; SourceScope: Option System,Tenant; CopyType: Enum "Permission Set Copy Type") begin @@ -257,6 +260,8 @@ codeunit 9863 "Permission Set Copy Impl." TenantPermission."Delete Permission" := AddDelete; TenantPermission."Execute Permission" := AddExecute; TenantPermission.Insert(); + Session.LogAuditMessage(StrSubstNo(PermissionsInsertedLbl, AppID, CopyStr(RoleID, 1, MaxStrLen(TenantPermission."Role ID")), ObjectType, ObjectID, + AddRead, AddInsert, AddModify, AddDelete, AddExecute, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); end else begin TenantPermission."Read Permission" := LogActivityPermissions.GetMaxPermission(TenantPermission."Read Permission", AddRead); TenantPermission."Insert Permission" := LogActivityPermissions.GetMaxPermission(TenantPermission."Insert Permission", AddInsert); @@ -264,6 +269,8 @@ codeunit 9863 "Permission Set Copy Impl." TenantPermission."Delete Permission" := LogActivityPermissions.GetMaxPermission(TenantPermission."Delete Permission", AddDelete); TenantPermission."Execute Permission" := LogActivityPermissions.GetMaxPermission(TenantPermission."Execute Permission", AddExecute); TenantPermission.Modify(); + Session.LogAuditMessage(StrSubstNo(PermissionsUpdatedLbl, AppID, CopyStr(RoleID, 1, MaxStrLen(TenantPermission."Role ID")), ObjectType, ObjectID, + AddRead, AddInsert, AddModify, AddDelete, AddExecute, UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); end; end; @@ -283,6 +290,8 @@ codeunit 9863 "Permission Set Copy Impl." AddToTenantPermission( AppID, RoleID, TempTenantPermission."Object Type"::"Table Data", TableRelationsMetadata."Related Table ID", TempTenantPermission."Read Permission"::Yes, TempTenantPermission."Insert Permission"::" ", TempTenantPermission."Modify Permission"::" ", TempTenantPermission."Delete Permission"::" ", TempTenantPermission."Execute Permission"::" "); + Session.LogAuditMessage(StrSubstNo(ReadAccessAddedToRelatedTablesLbl, AppID, RoleID, TempTenantPermission."Object Type"::"Table Data", TempTenantPermission."Object ID", UserSecurityId()), + SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); until TableRelationsMetadata.Next() = 0; end; diff --git a/src/System Application/App/Privacy Notice/src/PrivacyNoticeApproval.Codeunit.al b/src/System Application/App/Privacy Notice/src/PrivacyNoticeApproval.Codeunit.al index f760171482..b0a611e8e5 100644 --- a/src/System Application/App/Privacy Notice/src/PrivacyNoticeApproval.Codeunit.al +++ b/src/System Application/App/Privacy Notice/src/PrivacyNoticeApproval.Codeunit.al @@ -15,6 +15,7 @@ codeunit 1564 "Privacy Notice Approval" procedure SetApprovalState(PrivacyNoticeId: Code[50]; UserSID: Guid; PrivacyNoticeApprovalState: Enum "Privacy Notice Approval State") var PrivacyNoticeApproval: Record "Privacy Notice Approval"; + PrivacyNoticeApprovedLbl: Label 'Privacy Notice Approval ID %1 provided by User SID %2.', Locked = true; begin if PrivacyNoticeApprovalState = "Privacy Notice Approval State"::"Not set" then begin ResetApproval(PrivacyNoticeId, UserSID); @@ -28,14 +29,17 @@ codeunit 1564 "Privacy Notice Approval" PrivacyNoticeApproval."Approver User SID" := UserSecurityId(); PrivacyNoticeApproval.Approved := PrivacyNoticeApprovalState = "Privacy Notice Approval State"::Agreed; PrivacyNoticeApproval.Modify(); + Session.LogAuditMessage(StrSubstNo(PrivacyNoticeApprovedLbl, PrivacyNoticeId, UserSID), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; procedure ResetApproval(PrivacyNoticeId: Code[50]; UserSID: Guid) var PrivacyNoticeApproval: Record "Privacy Notice Approval"; + PrivacyNoticeResetLbl: Label 'Privacy Notice Approval ID %1 has been reset by User SID %2.', Locked = true; begin PrivacyNoticeApproval.SetRange(ID, PrivacyNoticeId); PrivacyNoticeApproval.SetRange("User SID", UserSID); PrivacyNoticeApproval.DeleteAll(); + Session.LogAuditMessage(StrSubstNo(PrivacyNoticeResetLbl, PrivacyNoticeId, UserSID), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; } diff --git a/src/System Application/App/Retention Policy/src/Apply Retention Policy/ApplyRetentionPolicyImpl.Codeunit.al b/src/System Application/App/Retention Policy/src/Apply Retention Policy/ApplyRetentionPolicyImpl.Codeunit.al index d7b235a307..4cb4e73b51 100644 --- a/src/System Application/App/Retention Policy/src/Apply Retention Policy/ApplyRetentionPolicyImpl.Codeunit.al +++ b/src/System Application/App/Retention Policy/src/Apply Retention Policy/ApplyRetentionPolicyImpl.Codeunit.al @@ -30,6 +30,7 @@ codeunit 3904 "Apply Retention Policy Impl." StartApplyRetentionPoliciesInfoLbl: Label 'Started applying all retention policies.'; EndApplyRetentionPoliciesInfoLbl: Label 'Finished applying all retention policies.'; StartApplyRetentionPolicyInfoLbl: Label 'Started applying the retention policy defined for table %1, %2. ', Comment = '%1 = a id of a table (integer), %2 = the caption of the table.'; + RetentionPolicyAppliedLbl: Label 'The retention policy defined for table %1, %2 applied by the UserSecurityId %3. ', Locked = true; EndApplyRetentionPolicyInfoLbl: Label 'Finished applying the retention policy defined for table: %1, %2.', Comment = '%1 = a id of a table (integer), %2 = the caption of the table.'; DisabledRetentionPolicyOnMissingTableLbl: Label 'Table %1 was not found. The retention policy has been disabled.', Comment = '%1 = a id of a table (integer)'; StartRetentionPolicyRecordCountLbl: Label 'Started counting the number of expired records in table %1, %2. ', Comment = '%1 = a id of a table (integer), %2 = table caption'; @@ -132,6 +133,7 @@ codeunit 3904 "Apply Retention Policy Impl." RetentionPolicySetup.CalcFields("Table Name", "Table Caption"); RetentionPolicyLog.LogInfo(LogCategory(), AppendStartedByUserMessage(StrSubstNo(StartApplyRetentionPolicyInfoLbl, RetentionPolicySetup."Table Id", RetentionPolicySetup."Table Caption"), UserInvokedRun)); + Session.LogAuditMessage(StrSubstNo(RetentionPolicyAppliedLbl, RetentionPolicySetup."Table Id", RetentionPolicySetup."Table Caption", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 3, 0); if GetExpiredRecords(RetentionPolicySetup, RecordRef, ExpiredRecordExpirationDate) then DeleteExpiredRecords(RecordRef) diff --git a/src/System Application/App/Retention Policy/src/Retention Policy Setup/RetentionPolicySetup.Table.al b/src/System Application/App/Retention Policy/src/Retention Policy Setup/RetentionPolicySetup.Table.al index ae10a2bd77..72d69821ec 100644 --- a/src/System Application/App/Retention Policy/src/Retention Policy Setup/RetentionPolicySetup.Table.al +++ b/src/System Application/App/Retention Policy/src/Retention Policy Setup/RetentionPolicySetup.Table.al @@ -176,6 +176,13 @@ table 3901 "Retention Policy Setup" RetentionPolicySetupImpl.DeleteRetentionPolicySetup(Rec); end; + trigger OnInsert() + var + NewRetentionPolicyCreatedLbl: Label 'The new Retention Policy record with Table ID %1 is created by the UserSecurityId %2.', Locked = true; + begin + Session.LogAuditMessage(StrSubstNo(NewRetentionPolicyCreatedLbl, Rec."Table ID", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 3, 0); + end; + local procedure LogCategory() RetentionPolicyLogCategory: Enum "Retention Policy Log Category" begin exit(RetentionPolicyLogCategory::"Retention Policy - Setup") diff --git a/src/System Application/App/Security Groups/src/SecurityGroupPermissionSets.Page.al b/src/System Application/App/Security Groups/src/SecurityGroupPermissionSets.Page.al index 2281459067..ffbb182476 100644 --- a/src/System Application/App/Security Groups/src/SecurityGroupPermissionSets.Page.al +++ b/src/System Application/App/Security Groups/src/SecurityGroupPermissionSets.Page.al @@ -116,6 +116,8 @@ page 9868 "Security Group Permission Sets" trigger OnInsertRecord(BelowxRec: Boolean): Boolean begin + if Rec."Role ID" <> '' then + Session.LogAuditMessage(StrSubstNo(PermissionSetAddedToSecurityGroupLbl, Rec."Role ID", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); exit(Rec."Role ID" <> ''); end; @@ -138,5 +140,6 @@ page 9868 "Security Group Permission Sets" var PageCaptionExpression: Text; + PermissionSetAddedToSecurityGroupLbl: Label 'The permission set %1 has been added to the security group by UserSecurityId %2.', Locked = true; } diff --git a/src/System Application/App/User Settings/src/UserSettingsImpl.Codeunit.al b/src/System Application/App/User Settings/src/UserSettingsImpl.Codeunit.al index d71b30f6c2..09acbae056 100644 --- a/src/System Application/App/User Settings/src/UserSettingsImpl.Codeunit.al +++ b/src/System Application/App/User Settings/src/UserSettingsImpl.Codeunit.al @@ -31,6 +31,7 @@ codeunit 9175 "User Settings Impl." UserCreatedAppNameTxt: Label '(User-created)'; DescriptionFilterTxt: Label 'Navigation menu only.'; NotEnoughPermissionsErr: Label 'You cannot open this page. Only administrators can access settings for other users.'; + UserSettingsUpdatedLbl: Label 'The user settings (UserSecurityId %1) has been updated with the values: Language ID %2, Locale ID %3, Company %4, Time Zone %5, Profile ID %6 by UserSecurityId %7 ', Locked = true; procedure GetPageId(): Integer var @@ -179,6 +180,8 @@ codeunit 9175 "User Settings Impl." ApplicationUserSettings."Teaching Tips" := NewUserSettings."Teaching Tips"; ApplicationUserSettings."Legacy Action Bar" := NewUserSettings."Legacy Action Bar"; ApplicationUserSettings.Modify(); + Session.LogAuditMessage(StrSubstNo(UserSettingsUpdatedLbl, UserPersonalization."User SID", UserPersonalization."Language ID", UserPersonalization."Locale ID", + UserPersonalization.Company, UserPersonalization."Time Zone", UserPersonalization."Profile ID", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 2, 0); end; local procedure UpdateCurrentUsersSettings(OldUserSettings: Record "User Settings"; NewUserSettings: Record "User Settings") diff --git a/src/System Application/App/Web Service Management/src/WebServiceManagementImpl.Codeunit.al b/src/System Application/App/Web Service Management/src/WebServiceManagementImpl.Codeunit.al index 64646780d8..14ce17b531 100644 --- a/src/System Application/App/Web Service Management/src/WebServiceManagementImpl.Codeunit.al +++ b/src/System Application/App/Web Service Management/src/WebServiceManagementImpl.Codeunit.al @@ -700,6 +700,7 @@ codeunit 9751 "Web Service Management Impl." var WebService: Record "Web Service"; TenantWebService: Record "Tenant Web Service"; + WebServiceCreatedLbl: Label 'The Web Service record with Object Type %1, Service Name %2 has been created by UserSecurityId %3.', Locked = true; begin if WebServiceAggregate."All Tenants" then begin Clear(WebService); @@ -709,7 +710,8 @@ codeunit 9751 "Web Service Management Impl." Clear(TenantWebService); TenantWebService.TransferFields(WebServiceAggregate); TenantWebService.Insert(); - end + end; + Session.LogAuditMessage(StrSubstNo(WebServiceCreatedLbl, WebServiceAggregate."Object Type", WebServiceAggregate."Service Name", UserSecurityId()), SecurityOperationResult::Success, AuditCategory::ApplicationManagement, 4, 0); end; procedure RemoveUnselectedColumnsFromFilter(var TenantWebService: Record "Tenant Web Service"; DataItemNumber: Integer; DataItemView: Text): Text